Privilege Escalation Vulnerability in Haveged by SUSE
CVE-2026-41054

7.8HIGH

Key Information:

Vendor: Suse
Status: Container Suse/sle-micro-rancher/5.3:latest; Container Suse/sle-micro-rancher/5.4:latest; Container Suse/sle-micro/5.5:latest; Image Sles15-sp4-SAP-byos
Vendor: CVE Published:; 20 May 2026

What is CVE-2026-41054?

In the Haveged implementation, specifically within the socket_handler function located in src/havegecmd.c, a significant vulnerability exists where the credential verification for connecting users is inadequately managed. Although the code correctly identifies non-root users by assessing the user ID and prepares a negative acknowledgement, it fails to halt execution afterward. This oversight permits local unprivileged users to bypass intended restrictions and execute privileged commands, such as MAGIC_CHROOT, exposing the system to potential exploitation.

Affected Version(s)

Container suse/sle-micro-rancher/5.3:latest ? < 1.9.14-150400.3.11.1

Container suse/sle-micro-rancher/5.4:latest ? < 1.9.14-150400.3.11.1

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-41054

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
Apr 16, 2026

Credit

Dirk Mueller of SUSE

CVE-2026-41054 Data

JSON

Suse

What is CVE-2026-41054?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit